A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
GNU Affero General Public License v3.0
270
stars
67
forks
source link
3) feature - updating Capital to the new OWASP API Security Top 10 2023 #62
Add an exercise for API7:2023 Server Side Request Forgery
https://owasp.org/API-Security/editions/2023/en/0xa7-server-side-request-forgery/